# Contributor: tetsumaki <yd-alpine@tetsumaki.net>
# Contributor: Kevin Daudt <kdaudt@alpinelinux.org>
# Maintainer: Kevin Daudt <kdaudt@alpinelinux.org>
pkgname=cs-firewall-bouncer
pkgver=0.0.31
pkgrel=0
pkgdesc="Crowdsec bouncer for firewalls"
url="https://github.com/crowdsecurity/cs-firewall-bouncer"
arch="all"
license="MIT"
makedepends="go gettext"
subpackages="$pkgname-openrc $pkgname-awall::noarch"
options="!check" # no tests
source="$pkgname-$pkgver.tar.gz::https://github.com/crowdsecurity/cs-firewall-bouncer/archive/refs/tags/v$pkgver.tar.gz
	enable-cgo.patch
	cs-firewall-bouncer.initd
	awall-policy.json
	"

export GOFLAGS="$GOFLAGS -modcacherw"
export GOCACHE="${GOCACHE:-"$srcdir/go-cache"}"
export GOTMPDIR="${GOTMPDIR:-"$srcdir"}"
export GOMODCACHE="${GOMODCACHE:-"$srcdir/go"}"

build() {
	make \
		BUILD_VERSION=$pkgver \
		BUILD_TAG="aports"
}

package() {
	install -Dm0755 crowdsec-firewall-bouncer -t "$pkgdir"/usr/bin/
	mkdir -p "$pkgdir"/usr/sbin/
	ln -s "$pkgdir"/usr/bin/crowdsec-firewall-bouncer "$pkgdir"/usr/sbin/crowdsec-firewall-bouncer
	install -dm0755 "$pkgdir"/etc/crowdsec/bouncers
	(umask 077 && BACKEND=iptables API_KEY="" envsubst \
		<config/crowdsec-firewall-bouncer.yaml \
		>"$pkgdir"/etc/crowdsec/bouncers/crowdsec-firewall-bouncer.yaml)

	install -Dm0755 "$srcdir"/$pkgname.initd \
		"$pkgdir"/etc/init.d/cs-firewall-bouncer
}

awall() {
	pkgdesc="crowdsec bouncer awall policy"
	depends="$pkgname"
	install_if="awall $pkgname=$pkgver-r$pkgrel"

	install -Dm0644 "$srcdir"/awall-policy.json \
		"$subpkgdir"/etc/awall/optional/cs-firewall-bouncer.json
}

sha512sums="
400c61595f456668343d8ff34b68eaaabc03db4ae503d6a0a3def60cfd495162e9b72c75ed791d0bbfce691b36a947c2643922ad196a59fae53a300a740acab8  cs-firewall-bouncer-0.0.31.tar.gz
1ee9957973d8d0d4e4799139b5455441a0807d4d3cb4561aa816b834202a639c156793f59b4c928ff54bf77f7093c4e09978e12560cc4d46323b02f173bddd64  enable-cgo.patch
edaf9cd6af81586fa1b4469f623f5c284934accf3d3717a6d53a9fab964b906f046d45507609c792813bb10977be5fe3a01944d1ec85d7f99579218393eed06d  cs-firewall-bouncer.initd
ef039ad3dcf24a7e9a2312926ab86ae16cfedf201e0a5c2f769db5eba525f874d668b051fb6a1dc6ca7c62236da8d9cd5328a8f522ec740577436bd27129965e  awall-policy.json
"
